
Training Course: Testing Web Application Security

Description

This course provides the knowledge and skills testers need to detect security vulnerabilities in web applications using a combination of manual and automated methods. Testing web application security is not intuitive; to be effective you need an understanding of web application design, HTTP, JavaScript, browser behavior, and potentially other technologies such as AJAX, JSON, and XML.

Audience

This course is designed for experienced QA staff who wish to gain the skills and learn the techniques necessary to accurately and thoroughly assess the security of web applications.

Duration

2 Days

Objectives

Recognize common web application security vulnerabilities and how to determine if they are present in web applications

Recognize web application design assumptions and how to exploit them

Be familiar with the capabilities of various Browser Proxies

Be familiar with the capabilities of various Penetration Testing tools

Be prepared to detect Access Control Vulnerabilities

Be prepared to detect SQL Injection Vulnerabilities

Be prepared to detect Cross-Site Scripting (XSS) Vulnerabilities

Be prepared to detect Authentication and Session Vulnerabilities

Be prepared to test web application security

Setup

Ideally, the classroom environment should support the technologies employed within the firm with regard to the web server, testing tools, and database.

Burp Suite (Free or Professional)

OWASP Zed Attack Proxy (ZAP)

Firefox with TamperData

Access to a Quality Assurance (QA) Environment… OR:

A Web Application Server Environment, such as:

Java 2 Standard Edition (J2EE)

Microsoft C# .NET Studio

Apache and PHP

AND a Database Management System, such as:

Apache Derby

SQL Server Express

Text

Course Workbook

Prerequisites

Application Security and the SDLC

A solid understanding of either Java and JSPs, or C# .NET and ASPs, or PHP

Outline

Topic 1: Introduction

Welcome

Motivation

Course Objectives

Course Overview

The Software Development Lifecycle (SDLC)

Security in the SDLC

The Importance of Security Requirements

Application Security in Context

Lab Exercise: Requiring Security

Quiz

Topic 2: A Taxonomy of Web Application Vulnerabilities

Debug Info in Prod

Denial of Service

Failure to Respond to Attack

Failure to Verify Integrity

HTTP

Information Leakage

Injection

Insecure Coding

Insecure I/O

Insecure Platform

Intentional

Poor Access Control

Poor Certificate Management

Poor Input Validation

Poor Password Management

Poor Session Management

Race Condition

Replay

Sensitive Info Exposure

Trusting DNS

Lab Exercise: The OWASP Top 10

Quiz

Topic 3: Using a Web Proxy

Viewing Web Page Source

Example: Tamper Data

Violating Designer Assumptions

Errors vs. Unexpected Behavior

Crafting Malicious Input

Example: Burp Proxy

Example: OWASP ZAP

Lab Exercise: Injection Rejection

Quiz

Topic 4: Detecting XSS

What is Cross-site Scripting?

Example: Cross-site Scripting

Detecting XSS Vulnerabilities

Case Study: But I Don’t Like Spam

Lab Exercise: XSS Attacks

Quiz

Topic 5: Detecting SQL Injection

What is SQL Injection?

Case Study: I Still Don’t Like Spam

Detecting SQLi Vulnerabilities

Lab Exercise: SQLi Attacks

Quiz

Topic 6: Detecting Command Injection

What is Command Injection?

Case Study: Do the Math

Detecting Command Injection Vulnerabilities

Other Injection Attacks

Lab Exercise: Taking Command

Quiz

Topic 7: Detecting Access Control Vulnerabilities

Password Strength & Management

Testing for Account Enumeration

Navigate Your Way

Testing for Client Side Access Control

Roles, Accounts, and Permissions

Testing for Cross-site Request Forgery

Testing for Path Traversal

Testing for Horizontal Escalation

Testing for Replay

Testing for Session Fixation

Testing for Session Termination

Lab Exercise: Out of Control

Quiz

Topic 8: Detecting Other Vulnerabilities

Parameter Mayhem

Sensitive Information Exposure

Event Timing

File Uploads and Transfers

Testing for Denial of Service

Lab Exercise: Go Get ‘Em

Quiz

Topic 9: Miscellaneous Topics

Application Security in Perspective

Security Manager Design Pattern

Avoiding Common Vulnerabilities

Security in the SDLC

The Security Design Review

The OWASP ESAPI

Appendix: Web Application Vulnerability Taxonomy

Appendix: Summary of Special Characters

Appendix: Quiz Answers

Register

For more information or to register for this training course, call 1-800-840-2335 or contact us on our website.
